The Office of the Superintendent of Financial Institutions has issued new guidelines on outsourcing for banks and other federally-regulated firms.

The guidelines update those issued in January 2000, setting out OSFI’s expectations for federally regulated financial institutions that outsource or contemplate outsourcing one or more of their business functions to a service provider. They cover Canadian banks, authorized foreign banks, cooperative credit associations, trust and loan companies, and federally incorporated or regulated insurance companies.

The guidelines require each institution to establish a risk management program to identify the risk from existing and proposed outsourcing arrangements, and to monitor and control risk arising from material arrangements.

The provision of services by a financial institution’s foreign head office or any of its foreign divisions to the Canadian branch operation is considered to be outsourcing. However, not all of the guidelines apply in these situations.

The transition period for full compliance with the guidelines remains unchanged. By the end of January 2005, all material outsourcing arrangements must comply with the guidelines.

OSFI says it is continually assessing the adequacy of the guidelines as institutions embrace outsourcing and enter into more significant arrangements. Further study has commenced and revisions may be required as a result of OSFI’s ongoing review of the area.